I recently downloaded Mozilla and used the browser for about 2 weeks (default set); it worked just fine. I turned on the computer today and the Mozilla Firefox browser was not there. I had been getting trojan and malware messages in Hitman on the setup download, but not until after it was installed. Now I have a new browser with "Ask" as my search engine/homepage. It has never been my homepage; I have had the same homepage since 1997. http://i.imgur.com/fp0Ec.png?1 http://i.imgur.com/XenR7.png
I have tried to uninstall from Add/Remove Programs, but I keep getting a message that says: you must restart your computer to complete an upgrade of Firefox. I haven't tried to UPGRADE, and turning the computer on and off does nothing to help. Can I somehow force an uninstall? How do you clean up behind it if I do get it uninstalled? I also noticed some shortcuts don't work, and under their properties they have been given different (target/paths?).
XP Home, SP3, MSE, MBAM, Hitman, updated daily, and now nothing is being picked up as a ware/virus/trojan, but where is my browser?

Last edited by Anupam; 12. May 2012 at 04:28 AM.
Reason: Removed IMG tags coz of large images

This looks very much like your browser has been hijacked by another application. If you've been using it as stated for two weeks then the code responsible would likely not have been in your PC already, but have been picked up from somewhere else.

I would suggest three things:

First, install the WOT (Web Of Trust) browser extension and only open sites with a "green" rating. Better still (my personal opinion only), replace Google with the DuckDuckGo search engine and enable WOT icons from the settings panel.

Second, change your DNS settings to use Norton's service. This will also advise you about potentially dangerous sites.

Lastly, install WinPatrol. This is a lightweight HIPS program which will run quite happily alongside other security software and will warn you about Ask and other browser addons should these be included with any other software you might want to install.

The usual practice of only sourcing program downloads from reputable sources also applies, and scanning them via VirusTotal too is worth the extra trouble.

Placou, you have downloaded the software from Soft32.com, and they impose their own download manager for downloading certain software.

Firefox by default in the Soft32 database doesn't download through their download manager. So there's a chance that you have manually installed the Soft32 Download manager on your system.

I advise you to uninstall this download manager using Add/Remove Programs in the Control Panel or use Revo Uninstaller. Read the edit portion at the bottom.

Then download CCleaner and clean all your temp files by clicking "Run Cleaner".

I also advise you to download MalwareBytes Anti-Malware, update the program and run a quick scan of your system. Post the log file generated in this thread.

Also download HijackThis, accept the licence agreement and click on "Do a system scan and save a log file" and upload the log file generated in this thread.

Warning: Do not attempt to fix any errors or click any other buttons on its interface while using HijackThis.

This is because the download manager recommends that you download & install other programs while you are downloading software from their database. So you might have forgotten to uncheck the option to install the Ask Toolbar in their download manager.

If you are a newbie, I advise you that, when you are downloading & installing programs on your system, please check all the checkboxes, because if you are not doing so, you are inviting crapware to be installed on the system. Also, I recommend you ignore Soft32 for downloading programs and use alternative sites like Softpedia, SnapFiles, FileHippo, MajorGeeks etc. If you would like to monitor any changes made by software on your system, you can download and install WinPatrol.

Edit: After a thought, I wonder if Soft32 actually installs their Download manager on your system. I believe the download manager only appears during the time when you download and install software from their database on your system. But I don't believe to what extent Soft32 Downloader cleans itself up after downloading & installing a software. In that case, you may just uninstall Soft32 updater if you have installed it on your system; if not, skip step 1.

According to VirusTotal Reports, 5/42 antiviruses swear by their heuristic engine (not through definition files) that Soft32 updater is a generic virus.

__________________
If you seek for attention, do common things in life in an uncommon way!

All right, so I just checked the Soft32 Download manager by downloading a piece of software from Soft32.com using their download manager. As far as I can see, the download manager doesn't install on the system but only runs during the time when you download the software (similar to the CNET download manager). Sadly, it doesn't clean up fully after installation. There are traces left behind in the Temp, Temporary Internet Files and Application Data folders. So you may ignore step 1 that I have mentioned (of the 4 steps), unless you have Soft32 Updater installed on the system, in which case you may uninstall that. Then continue to step 2.

I believe malware blocking of NortonDNS is better than the free version of OpenDNS which offers basic malware blocking.

According to my understanding OpenDNS has NO malware blocking feature in the free version. All you get is protection against known phishing sites unless you upgrade to their commercial plan. I have always disliked the way they market themselves in this area because everyone I speak to who uses OpenDNS (free) believes they do have malware protection.

OpenDNS basic and deluxe versions do have basic Botnet/Malware protection, which was responsible for blocking the Conficker worm & Microsoft zero-day exploits. This basic malware protection blocks Internet bots and dangerous websites. Whereas the "Malware site protection feature" (brand new and totally different from basic malware protection) is exclusive to the Enterprise version. It has been promised that this feature may be available for the deluxe and free versions over time.

Are you able to provide a link to where you saw this information because I've not been able to confirm it and OpenDNS do not respond to my emails.

I'm aware they promote this on their site:

"OpenDNS owns and operates PhishTank, the largest clearinghouse of phishing information on the Internet. OpenDNS incorporates PhishTank into its services to protect you from fraudulent websites that attempt to steal your personal information and money. In addition, OpenDNS provides protection against two of the most pervasive Internet security threats that continue to infect millions of users — Conficker, the largest botnet, and Internet Explorer exploits".

... but this is not malware protection. Sure, they guard against Conficker, but so does every AV worth installing. I.E. exploit protection is also worth having for the diminishing numbers of IE users, but it still ain't malware protection, as all of the OpenDNS users I've encountered believe they have.